MicrosoftWell said Alex, one thing to consider, as the frontier spreads to the edges, an example, mfg and autonomous processes including equipment that was designed and built before now that has a direct real-world consequence. When authentication fails (or works) and there is a serious negative risk, where is the design boundary to say, automatic processes must not be used here, yet. The line in the sand. Moving towards if we modify / upgrade xyz then the risk is low enough to start testing in the lab with clear understanding of real-world implementation (or a plan to identify it). I consider financial market risk in this same realm. Really bad things tend to happen when people's money vanishes. There is still a vast install base with nothing more than a default password on the device. Thorough discovery processes with results held secret to not expose vulnerabilities is a critical part of the plan. We already see businesses connecting devices with risk and vulnerabilities marching forward to improve business effectiveness. In other words, growing network position and isolation tools hand in hand with Identity. No system can work effectively if all the parts are not understood, designed, tested and operation/safety checks in place. I am inspired by where this is all going, where we can take it? How do we do it right? Take care, Tom
